Package org.eclipse.jetty.http

Enum HttpCompliance.Violation

java.lang.Object

java.lang.Enum<HttpCompliance.Violation>

org.eclipse.jetty.http.HttpCompliance.Violation

All Implemented Interfaces:

Serializable, Comparable<HttpCompliance.Violation>, java.lang.constant.Constable, ComplianceViolation

Enclosing class:

HttpCompliance

public static enum HttpCompliance.Violation
extends Enum<HttpCompliance.Violation>
implements ComplianceViolation

Nested Class Summary

Nested classes/interfaces inherited from class java.lang.Enum

Enum.EnumDesc<E extends Enum<E>>

Nested classes/interfaces inherited from interface org.eclipse.jetty.http.ComplianceViolation

ComplianceViolation.Listener, ComplianceViolation.Mode

Enum Constant Summary

Enum Constants

Enum Constant	Description
CASE_INSENSITIVE_METHOD	The HTTP RFC(s) require that method names are case sensitive, so that "Get" and "GET" are considered different methods.
CASE_SENSITIVE_FIELD_NAME	The HTTP RFC(s) require that field names are case-insensitive, so for example the fields "Content-Type: text/xml" and "content-type: text/xml" are considered equivalent.
DUPLICATE_HOST_HEADERS	Since RFC 7230: Section 5.4, the HTTP protocol says that a Server must reject a request duplicate host headers.
HTTP_0_9	Since RFC 7230, the expectation that HTTP/0.9 is supported has been removed from the specification.
MISMATCHED_AUTHORITY	Since RFC 7230: Section 5.4, the HTTP protocol must reject a request if the target URI has an authority that is different than a provided Host header.
MULTILINE_FIELD_VALUE	Since RFC 7230, the HTTP protocol no longer supports line folding, which allows a field value to be provided over several lines.
MULTIPLE_CONTENT_LENGTHS	Since RFC 7230, the HTTP protocol has required that a request is invalid if it contains multiple Content-Length fields or values.
NO_COLON_AFTER_FIELD_NAME	Prior to RFC 7230, the HTTP protocol allowed a header line of a single token with neither a colon nor value following, to be interpreted as a field name with no value.
TRANSFER_ENCODING_WITH_CONTENT_LENGTH	Since RFC 7230, the HTTP protocol has required that a request is invalid if it contains both a Transfer-Encoding field and Content-Length field.
UNSAFE_HOST_HEADER	Since RFC 7230, the HTTP protocol should reject a request if the Host headers contains an invalid / unsafe authority.
WHITESPACE_AFTER_FIELD_NAME	Since RFC 7230, the HTTP protocol has required that a request header field has no white space after the field name and before the ':'.

Method Summary

Modifier and Type	Method	Description
String	getDescription()
String	getName()
String	getURL()
static HttpCompliance.Violation	valueOf(String name)	Returns the enum constant of this type with the specified name.
static HttpCompliance.Violation[]	values()	Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, describeConstable, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.eclipse.jetty.http.ComplianceViolation

isAllowedBy

Enum Constant Details

CASE_SENSITIVE_FIELD_NAME

public static final HttpCompliance.Violation CASE_SENSITIVE_FIELD_NAME

The HTTP RFC(s) require that field names are case-insensitive, so for example the fields "Content-Type: text/xml" and "content-type: text/xml" are considered equivalent. Jetty has been optimized to take advantage of this by looking up field names in a case insensitive cache and will by default provide the standard capitalisation of a field name rather than create a new string with the actual capitalisation received. However, some applications have been written to expect a specific capitalisation of field, so deployments of such applications must include this violation in their HttpCompliance mode to prevent Jetty altering the case of the fields received. Jetty itself will still match and handle fields names insensitively and this violation only affects how the names are reported to the application. There is a small performance and garbage impact of using this mode.

CASE_INSENSITIVE_METHOD

public static final HttpCompliance.Violation CASE_INSENSITIVE_METHOD

The HTTP RFC(s) require that method names are case sensitive, so that "Get" and "GET" are considered different methods. Jetty releases prior to 9.4 used a case insensitive cache to match method names, thus this requirement was violated. Deployments which wish to retain this legacy violation can include this violation in the HttpCompliance mode.

HTTP_0_9

public static final HttpCompliance.Violation HTTP_0_9

Since RFC 7230, the expectation that HTTP/0.9 is supported has been removed from the specification. If a deployment wished to accept HTTP/0.9 requests, then it can include this violation in it's HttpCompliance mode.

MULTILINE_FIELD_VALUE

public static final HttpCompliance.Violation MULTILINE_FIELD_VALUE

Since RFC 7230, the HTTP protocol no longer supports line folding, which allows a field value to be provided over several lines. Deployments that wish to receive folder field values may include this violation in their HttpCompliance mode.

MULTIPLE_CONTENT_LENGTHS

public static final HttpCompliance.Violation MULTIPLE_CONTENT_LENGTHS

Since RFC 7230, the HTTP protocol has required that a request is invalid if it contains multiple Content-Length fields or values. The request may be treated as invalid even if the multiple values are the same. A deployment may include this violation to allow multiple Content-Length values to be received, but only if they are identical.

TRANSFER_ENCODING_WITH_CONTENT_LENGTH

public static final HttpCompliance.Violation TRANSFER_ENCODING_WITH_CONTENT_LENGTH

Since RFC 7230, the HTTP protocol has required that a request is invalid if it contains both a Transfer-Encoding field and Content-Length field. A deployment may include this violation to allow both fields to be in a received request.

WHITESPACE_AFTER_FIELD_NAME

public static final HttpCompliance.Violation WHITESPACE_AFTER_FIELD_NAME

Since RFC 7230, the HTTP protocol has required that a request header field has no white space after the field name and before the ':'. A deployment may include this violation to allow such fields to be in a received request.

NO_COLON_AFTER_FIELD_NAME

public static final HttpCompliance.Violation NO_COLON_AFTER_FIELD_NAME

Prior to RFC 7230, the HTTP protocol allowed a header line of a single token with neither a colon nor value following, to be interpreted as a field name with no value. A deployment may include this violation to allow such fields to be in a received request.

DUPLICATE_HOST_HEADERS

public static final HttpCompliance.Violation DUPLICATE_HOST_HEADERS

Since RFC 7230: Section 5.4, the HTTP protocol says that a Server must reject a request duplicate host headers. A deployment may include this violation to allow duplicate host headers on a received request.

UNSAFE_HOST_HEADER

public static final HttpCompliance.Violation UNSAFE_HOST_HEADER

Since RFC 7230, the HTTP protocol should reject a request if the Host headers contains an invalid / unsafe authority. A deployment may include this violation to allow unsafe host headesr on a received request.

MISMATCHED_AUTHORITY

public static final HttpCompliance.Violation MISMATCHED_AUTHORITY

Since RFC 7230: Section 5.4, the HTTP protocol must reject a request if the target URI has an authority that is different than a provided Host header. A deployment may include this violation to allow different values on the target URI and the Host header on a received request.

Method Details

values

public static HttpCompliance.Violation[] values()

Returns an array containing the constants of this enum type, in the order they are declared.

Returns:

an array containing the constants of this enum type, in the order they are declared

valueOf

public static HttpCompliance.Violation valueOf(String name)

Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum type has no constant with the specified name

NullPointerException - if the argument is null

getName

public String getName()

Specified by:

getName in interface ComplianceViolation

Returns:

The name of the violation.

getURL

public String getURL()

Specified by:

getURL in interface ComplianceViolation

Returns:

A URL to the specification that provides more information regarding the requirement that may be violated.

getDescription

public String getDescription()

Specified by:

getDescription in interface ComplianceViolation

Returns:

A short description of the violation.